You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by sa...@apache.org on 2018/08/29 18:41:11 UTC
[geode] branch develop updated: GEODE-5594: Rename SSL hostname
validation property name (#2398)
This is an automated email from the ASF dual-hosted git repository.
sai_boorlagadda pushed a commit to branch develop
in repository https://gitbox.apache.org/repos/asf/geode.git
The following commit(s) were added to refs/heads/develop by this push:
new 64845ab GEODE-5594: Rename SSL hostname validation property name (#2398)
64845ab is described below
commit 64845ab35f8c231e258993b36656f1c5b03b3934
Author: Sai Boorlagadda <sa...@gmail.com>
AuthorDate: Wed Aug 29 11:41:06 2018 -0700
GEODE-5594: Rename SSL hostname validation property name (#2398)
renamed ssl-enable-endpoint-identification
to ssl-endpoint-identification-enabled.
---
.../org/apache/geode/internal/SSLConfigJUnitTest.java | 19 +++++++++++++++++++
.../geode/distributed/ConfigurationProperties.java | 2 +-
2 files changed, 20 insertions(+), 1 deletion(-)
diff --git a/geode-core/src/integrationTest/java/org/apache/geode/internal/SSLConfigJUnitTest.java b/geode-core/src/integrationTest/java/org/apache/geode/internal/SSLConfigJUnitTest.java
index 9d43322..cacfec5 100755
--- a/geode-core/src/integrationTest/java/org/apache/geode/internal/SSLConfigJUnitTest.java
+++ b/geode-core/src/integrationTest/java/org/apache/geode/internal/SSLConfigJUnitTest.java
@@ -51,6 +51,9 @@ import static org.apache.geode.distributed.ConfigurationProperties.SERVER_SSL_PR
import static org.apache.geode.distributed.ConfigurationProperties.SERVER_SSL_REQUIRE_AUTHENTICATION;
import static org.apache.geode.distributed.ConfigurationProperties.SERVER_SSL_TRUSTSTORE;
import static org.apache.geode.distributed.ConfigurationProperties.SERVER_SSL_TRUSTSTORE_PASSWORD;
+import static org.apache.geode.distributed.ConfigurationProperties.SSL_ENDPOINT_IDENTIFICATION_ENABLED;
+import static org.apache.geode.internal.security.SecurableCommunicationChannel.ALL;
+import static org.assertj.core.api.Assertions.assertThat;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
@@ -64,6 +67,7 @@ import org.junit.Test;
import org.junit.experimental.categories.Category;
import org.apache.geode.distributed.internal.DistributionConfigImpl;
+import org.apache.geode.internal.admin.SSLConfig;
import org.apache.geode.internal.net.SSLConfigurationFactory;
import org.apache.geode.test.junit.categories.SecurityTest;
@@ -1082,6 +1086,21 @@ public class SSLConfigJUnitTest {
config.getJmxManagerSSLTrustStorePassword());
}
+ @Test
+ public void testEndpointIdentificationSSLConfig() {
+ Properties props = new Properties();
+
+ props.put("ssl-enabled-components", ALL);
+ props.put("ssl-endpoint-identification-enabled", "true");
+
+ SSLConfig sslConfig = SSLConfigurationFactory.getSSLConfigForComponent(props, ALL);
+ assertThat(sslConfig.doEndpointIdentification()).isTrue();
+
+ props.put(SSL_ENDPOINT_IDENTIFICATION_ENABLED, "false");
+ sslConfig = SSLConfigurationFactory.getSSLConfigForComponent(props, ALL);
+ assertThat(sslConfig.doEndpointIdentification()).isFalse();
+ }
+
private static Properties getGfSecurityPropertiesSSL() {
Properties gfSecurityProps = new Properties();
diff --git a/geode-core/src/main/java/org/apache/geode/distributed/ConfigurationProperties.java b/geode-core/src/main/java/org/apache/geode/distributed/ConfigurationProperties.java
index e44915a..f8f0c03 100644
--- a/geode-core/src/main/java/org/apache/geode/distributed/ConfigurationProperties.java
+++ b/geode-core/src/main/java/org/apache/geode/distributed/ConfigurationProperties.java
@@ -1939,7 +1939,7 @@ public interface ConfigurationProperties {
* <U>Default</U>: code>"false"</code>
* <U>Since</U>: Geode 1.8
*/
- String SSL_ENDPOINT_IDENTIFICATION_ENABLED = "ssl-enable-endpoint-identification";
+ String SSL_ENDPOINT_IDENTIFICATION_ENABLED = "ssl-endpoint-identification-enabled";
/**
* The static String definition of the <i>"ssl-enabled-components"</i> property <a
* name="ssl-enabled-components"/a>